US20170134379A1 - Method for securing an application and data - Google Patents
Method for securing an application and data Download PDFInfo
- Publication number
- US20170134379A1 US20170134379A1 US15/319,396 US201515319396A US2017134379A1 US 20170134379 A1 US20170134379 A1 US 20170134379A1 US 201515319396 A US201515319396 A US 201515319396A US 2017134379 A1 US2017134379 A1 US 2017134379A1
- Authority
- US
- United States
- Prior art keywords
- application
- cipher
- securing
- instructions
- applying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 97
- 238000012545 processing Methods 0.000 claims description 54
- 238000012795 verification Methods 0.000 claims description 8
- 230000002265 prevention Effects 0.000 claims description 3
- 230000006870 function Effects 0.000 description 49
- 230000015654 memory Effects 0.000 description 28
- 230000001012 protector Effects 0.000 description 21
- 238000004590 computer program Methods 0.000 description 14
- 230000001360 synchronised effect Effects 0.000 description 14
- 238000004891 communication Methods 0.000 description 12
- 230000000295 complement effect Effects 0.000 description 12
- 238000004422 calculation algorithm Methods 0.000 description 8
- 238000004458 analytical method Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Definitions
- the present disclosure relates to the field of software security. More specifically, the present disclosure relates to methods for securing an application and/or data generated by the application.
- Data ciphering is used in a plurality of contexts where sensitive data need to be protected from reading, alteration, copy, etc.
- Data ciphering includes a first step where the sensitive data are encrypted at a first entity (e.g. a computing device, a server, etc.). The encrypted data are then transmitted to a second entity (e.g. another computing device, another server, etc.).
- Data ciphering includes a second step where the encrypted data are decrypted at the second entity to recover the sensitive data. The recovered sensitive data can then be processed at the second entity.
- Data ciphering can be used to secure an application, for instance by using a cipher to encrypt/decrypt data generated by the execution of the application.
- Data ciphering is based on the encryption/decryption of the sensitive data by encryption keys (e.g. symmetric keys or asymmetric public/private keys).
- encryption keys e.g. symmetric keys or asymmetric public/private keys.
- the strength of a cipher depends on several parameters, including the length of the ciphering key(s), the algorithm for generating the ciphering key(s), etc.
- ciphers which could supposedly not be tampered, were in fact vulnerable to tampering attacks.
- One type of attack consists in brute force attack, where the advances in computing technologies provide enough processing power to break a cipher that could not be broken in the past due to a lack of adequate processing power.
- Another type of attack consists in retro-engineering of ciphers. For instance, by studying published data about a cipher, an attacker can find vulnerability in the cipher and use it to break it. Alternatively, by analyzing the execution by a processor of software instructions implementing a cipher, an attacker can determine how the cipher operates and use this knowledge to break it.
- the present disclosure relates to a method for securing data by means of a unique cipher.
- the method comprises generating the unique cipher by a processing unit, by performing at least one iteration of: inputting a random number, the random number corresponding to a pre-defined operation stored in memory; inputting at least one operand; and executing instructions for applying the pre-defined operation to the at least one operand.
- the present disclosure relates to a method for securing data by means of a multi-threaded cipher.
- the method comprises executing, by a processing unit, a ciphering function as a plurality of threads.
- Each thread comprises instructions, that when executed by the processing unit, apply parts of the cipher to secure the data.
- Two threads of the ciphering function may be performed in synchronicity.
- the present disclosure relates to a method for securing an application and/or data generated by the application by means of a multi-level cipher.
- the method comprises executing, by a processing unit, securing instructions independently stored in the application and in an operating system (OS) running the application.
- the securing instructions stored in the application generate an application cipher part and the securing instructions stored in the OS generate an OS cipher part.
- the application and/or the data generated by the application is/are secured by applying the application cipher part and the OS cipher part.
- the present disclosure relates to a method for securing an application by means of a multi-level security function(s).
- the method comprises executing, by a processing unit, securing instructions independently stored in the application and in an operating system (OS) running the application.
- the securing instructions stored in the application provide an application part security function and the securing instructions stored in the OS provide an OS part security function.
- the application is secured by executing the application part security functions and the OS part security function(s).
- FIG. 1 illustrates computing devices for carrying out ciphering operations
- FIG. 2 illustrates a decompilation of a set of instructions
- FIG. 3 illustrates an array of pre-defined arithmetic operators for generating a unique cipher
- FIG. 4 illustrates multi-threaded ciphering operations
- FIG. 5 illustrates software layers of a computing device for protecting an application by means of a multi-level cipher
- FIGS. 6 and 7 illustrate an execution flow of an application protected with securing instructions stored in the application
- FIG. 8 illustrates the generation of a protected application starting from its binary code
- FIG. 9 illustrates an execution flow of an application protected with securing instructions stored in OS services
- FIG. 10 illustrates an execution flow of an application protected with securing instructions stored in an OS kernel
- FIG. 11 illustrates a multi-level cipher in a cloud environment.
- Cipher a cipher (or ciphering algorithm) is an algorithm for performing encryption or decryption of data. Encryption and decryption are complementary operations: source data are first encrypted (by an encryption cipher) and the encrypted data are later decrypted (by a complementary decryption cipher) to recover the source data. Ciphers are distinguished by the type of key used: symmetric key algorithms where the same key is used for encryption and decryption, and asymmetric key algorithms where two different keys are used for encryption and decryption. Ciphers are also distinguished by the type of input data: block ciphers which encrypt block of data of fixed size, and stream ciphers which encrypt continuous streams of data.
- a computer program (also referred to as a software program) comprising instructions that when executed by a processing unit of a computing device performs a specific task on the computing device (e.g. implement a method on the computing device).
- the instructions of the computer program are referred to as the binary code of the computer program.
- the term application refers to a computer program that can be secured via different means detailed in the following.
- Multi-threading in the context of the present specification, the expression ‘multi-threading’ refers to multiple threads executed from different entities, such as the application and the OS.
- the threads located outside the protected application are not visible (accessible) from the application.
- the protected application does not know that it is protected from outside, and there is no communication from the application to the protectors located in the OS.
- the present disclosure specifically addresses the usage of ciphers to secure data such as applications, in particular to prevent tampering of the binary code of an application, and the data generated by the application.
- the binary code of an application and/or of the data generated by the application can be retro-engineered by an attacker. For instance, by analyzing any particular set of instructions of the binary code, the attacker is capable of determining the purpose of this particular set of instructions or data. Then, the attacker can modify this particular set of instructions or the data generated by the particular set of instructions, so that when executed on a processing unit of a computing device, an unexpected action is performed to the benefit of the attacker (e.g. retrieving sensitive data generated or received by the application, and transmitting these sensitive data to a remote computing device under the control of the attacker).
- an unexpected action is performed to the benefit of the attacker (e.g. retrieving sensitive data generated or received by the application, and transmitting these sensitive data to a remote computing device under the control of the attacker).
- computing devices 10 and 20 for implementing methods for securing an application and/or data generated by the application are represented.
- the computing device 10 comprises a processing unit 11 , having one or more processors (not represented in FIG. 1 ) capable of executing instructions of a computer program. Each processor may further have one or several cores.
- the computing device 10 also comprises memory 12 for storing instructions of the computer program, data generated by the execution of the computer program, etc. Only a single memory 12 is represented in FIG. 1 , but the computing device 10 may comprise several types of memories, including volatile memory (such as a volatile Random Access Memory (RAM)) and non-volatile memory (such as a hard drive).
- RAM volatile Random Access Memory
- non-volatile memory such as a hard drive
- the memory 12 is shown as a separate entity from the processing unit 11 , those skilled in the art will understand that the memory could be integral with the processing unit 11 .
- the computing device 20 is similar to the computing device 10 and also comprises a processing unit 21 and memory 22 , and again, the memory 22 could alternately be integral with the processing unit 21 .
- the computing devices 10 and 20 further comprise a communication interface (respectively 13 and 23 ) for exchanging data with other entities through communication links 30 (e.g. a cellular network, a fixed Internet network, etc.).
- communication links 30 e.g. a cellular network, a fixed Internet network, etc.
- the computing devices 10 and 20 exchange data between each other through the communication links 30 .
- Instructions of a security program implement the steps of a method for securing the application and/or data generated by the application.
- the instructions are comprised in a computer program product and provide for securing the application and/or data generated by the application, when executed by a processor of the processing units 11 or 21 of the computing devices 10 or 20 .
- the instructions of the computer program product are deliverable via an electronically-readable media such as a storage media (e.g. a USB key, a CD-ROM, a portable hard drive, etc.) or via the communication links 30 (through the communication interfaces 13 or 23 ).
- the computing device 20 is referred to as the encrypting computing device and applies an encryption cipher
- the computing device 10 is referred to as the decrypting computing device and applies a complementary decryption cipher.
- the computing devices 10 and 20 represented in FIG. 1 are for exemplary purposes only, and are not intended to limit the scope of the present disclosure.
- Examples of computing devices 10 and 20 include servers, desktops, laptops, tablets, smartphones, connected home appliances (e.g. televisions, decoders, modems, access points, etc.), etc.
- the method comprises decompilation of an original binary code, followed by an insertion of additional instructions in the original binary code to obfuscate it (and thus make it less understandable by an attacker).
- the binary code of an application consists of base instructions and control instructions.
- Base instructions compose basic blocks of instructions that execute sequentially.
- Control instructions are instructions with the capability to change the control flow (e.g. jumps, conditions, calls and return instructions) of the application.
- the decompilation step consists in identifying all basic blocks and their relationships (by identifying control instructions linking the basic blocks together).
- FIG. 2 represents of a set of instructions 100 with four identified basic blocks (A, B, C and D).
- FIG. 2 also represents the relationships 110 between the basic blocs (A, B, C and D).
- the second step consisting in inserting additional instructions in order to obfuscate the binary code may be performed in several ways. For instance, new instructions may be added to existing basic blocks or additional basic blocks with new instructions may be added. Alternatively or complementarily, existing control instructions may be modified or new control instructions may be added to alter the relationships between the basic blocks. However, the inserted additional instructions only add complexity to the execution of the application, without modifying the specific task performed by the application.
- the set of instructions 100 comprises the control instruction: if (condition). Assuming the value of condition is a variable c1, the control instruction is altered by changing the value of condition to c1 ⁇ c2+c2′, where c2 and c2′ are variables introduced to complicate the condition evaluation. Instructions can be further added to basic block A to affect the values 1 to c2 and 0 to c2′. Thus, the altered set of instructions 100 performs the same task as the original set of instructions 100 , but in a more complex manner due to the introduction of additional instructions.
- Instructions of a security program implement the steps of the method for binary code obfuscation.
- the instructions are comprised in a computer program product and provide for binary code obfuscation, when executed by a processing unit (e.g. 21 or 11 ) of a computing device (e.g. 20 or 10 ).
- FIGS. 1 and 3 a method for securing an application and/or data generated by the application by means of a unique cipher is described.
- the method automatically generates a unique cipher for encrypting an application and/or data generated by the application that needs to be secured.
- the method relies on randomly choosing operations (and optionally operands) to generate the encryption cipher.
- a complementary cipher for decrypting the application and/or data generated by the application is also generated, and consists of complementary operations from those used to generate the encryption cipher. Since a unique cipher is generated and used to secure a specific application and/or data generated by the specific application, an attacker succeeding in breaking the security of this specific application and/or data cannot use this knowledge to break the security of another application and/or data protected by another unique cipher.
- the method comprises generating the unique cipher by a processing unit (e.g. 11 or 21 ) of a computing device (e.g. 10 or 20 ) by performing at least one iteration of the following steps.
- a processing unit e.g. 11 or 21
- a computing device e.g. 10 or 20
- a memory (e.g. 12 or 22 ) of the computing device stores a plurality of pre-defined operations, and the random number uniquely identifies one among the plurality of pre-defined operations.
- the memory (e.g. 12 or 22 ) may store a plurality of pre-defined operators, and the random number uniquely identifies a combination of at least one among the plurality of pre-defined operators, to generate the pre-defined operation.
- the step of inputting at least one operand is the step of inputting at least one operand.
- the step of executing instructions for applying the pre-defined operation to the at least one operand is a step of executing instructions for applying the pre-defined operation to the at least one operand.
- the unique cipher consists of an encryption cipher generated at the encrypting computing device 20 : inputting the random number consists in generating the random number by the processing unit 21 and inputting the at least one operand consists in retrieving the operand(s) from the memory 22 where it is stored.
- the unique cipher also consists of a complementary decryption cipher generated at the decrypting computing device 10 .
- Data encrypted with the encryption cipher at the encrypting computing device 20 are decrypted with the complementary decryption cipher at the decrypting computing device 10 .
- Inputting the random number consists in receiving the random number generated at the computing device 20 via the communication interface 13 .
- the random number is transmitted from the computing device 20 to the computing device 10 via the communication interfaces 23 and 13 through the communication links 30 , in a secure manner.
- the received random number is stored in the memory 12 of the computing device 10 , and used at any time for generating the unique decryption cipher.
- the unique decryption cipher may be generated by the application, by the OS, or by a combination thereof.
- inputting the at least one operand consists in receiving (via the communication interface 13 ) operand(s) used at the computing device 20 for generating the encryption cipher.
- the received operand(s) is stored in the memory 12 of the computing device 10 , and used at any time for generating the unique decryption cipher.
- the plurality of pre-defined operations may be stored for example in an array in a memory (e.g. 12 or 22 ).
- the random number is an index of the array and identifies a particular operation among the plurality of operations. Other methods for correlating the random number to pre-defined operations could alternately be used.
- the pre-defined operation consists in a combination of at least one of the following arithmetic operators: addition, subtraction, multiplication, division, bit shifting, logical negation, logical and, logical inclusive or, and logical exclusive or, etc.
- the plurality of pre-defined arithmetic operators may also be stored in an array in a memory (e.g. 12 or 22 ).
- the random number corresponds to at least one index of the array and identifies at least one particular arithmetic operator among the plurality of arithmetic operators, as will be illustrated later in relation to FIG. 3 .
- Other methods for correlating the random number to pre-defined arithmetic operators could alternately be used.
- the operand consists of one of the following: a block of instructions of an application to secure, a block of data generated by the execution by a processing unit of instructions of an application to secure, a block of bits of a ciphering key, etc.
- the generated unique cipher is used for securing an application by encrypting a binary code of the application.
- some or each iteration of the method consists in applying a pre-defined operation to one of, or a combination of, the following operands: a block of instructions of the binary code of the application to secure, and a block of bits of a ciphering key.
- the generated unique cipher is used for securing an application by decrypting an encrypted binary code of the application.
- each iteration of the method consists in applying a pre-defined operation (complementary to the encrypting pre-defined operation) to one of, or a combination of, the following operands: a block of encrypted instructions of the binary code of the application to secure, and a block of bits of a ciphering key.
- the generated unique cipher is also used for securing an application by encrypting data generated by the application.
- each iteration of the method consists in applying a pre-defined operation to one of, or a combination of, the following operands: a block of data generated by the execution by the processing unit 21 of instructions of the application to secure, and a block of bits of a ciphering key.
- the generated unique cipher is also used for securing an application by decrypting encrypted data of the application.
- some or each iteration of the method consists in applying a pre-defined operation (complementary to the encrypting pre-defined operation) to one of, or a combination of, the following operands: a block of encrypted data of the application, and a block of bits of a ciphering key.
- the block of encrypted data of the application has been generated by the secured application executed on the computing device 20 , encrypted on the computing device 20 , and transmitted to the computing device 10 .
- ciphering key is used generically for a key used for generating and applying an encryption cipher as well as a decryption cipher. It may be a symmetric or an asymmetric ciphering key.
- the processing unit (e.g. 11 or 21 ) generally performs a plurality of iterations for generating the unique cipher.
- the binary code of an application to be secured can be divided into N blocks of bits, and the processing unit may perform N iterations to generate the unique cipher.
- N blocks of bits At each iteration, one of the N blocks of bits is inputted as an operand.
- the result of applying the pre-defined operation to the at least one operand for one iteration is an operand for another iteration.
- Applying the pre-defined operation to the at least one operand may consist in applying the pre-defined operation to a single operand (e.g. a logical negation of an operand). It may also consist in applying the pre-defined operation to more than one operand (e.g. a logical and between two operands, the addition of three operands, etc.).
- the predefined operation consists in a combination of pre-defined operators (e.g. arithmetic operators)
- the pre-defined operation is generally applied to several operands (e.g. addition of a first operand with a second operand, followed by the subtraction of a third operand).
- FIG. 3 illustrates the generation of encryption and decryption ciphers, where the pre-defined operations consist in combinations of pre-defined arithmetic operators.
- the array 200 represented in FIG. 3 comprises the following pre-defined arithmetic operators: addition at index 0 , subtraction at index 1 , left bit shifting at index 2 , right bit shifting at index 3 , multiplication at index 4 , division at index 5 , logical exclusive or at index 6 , logical and at index 7 , and logical negation at index 8 .
- the arithmetic operators represented in FIG. 3 are for illustration purposes only. Additional or different operators may be used, the order of the operators may be different, the operators may be organized in a different manner, etc.
- a first random number 210 is inputted, having the value 0x12, which corresponds to index 3 and 6 of the array 200 .
- the corresponding operation is a combination of a right bit shifting and a logical exclusive or.
- a second random number 220 is inputted, having the value 0x89, which corresponds to index 0 , 4 and 5 of the array 200 .
- the corresponding operation is a combination of an addition, a multiplication and a division.
- a first iteration 230 of the generation of the encryption cipher consists in inputting the first random number 210 , inputting operands Op 1 , Op 2 , and Op 3 , and applying the corresponding operation to the inputted operands.
- a second iteration 240 of the generation of the encryption cipher consists in inputting the second random number 220 , inputting operands Op 1 , Op 2 , Op 3 and Op 4 , and applying the corresponding operation to the inputted operands.
- the encryption cipher is generated at the encrypting computing device 20 .
- a first iteration 250 of the generation of the decryption cipher consists in inputting the first random number 210 , inputting operands Op 1 , Op 2 , and Op 3 , and applying the corresponding operation to the inputted operands.
- the corresponding operation consists of a combination of arithmetic operators complementary to those used at iteration 210 for the encryption cipher.
- a second iteration 260 of the generation of the decryption cipher consists in inputting the second random number 220 , inputting operands Op 1 , Op 2 , Op 3 and Op 4 , and applying the corresponding operation to the inputted operands.
- the corresponding operation consists of a combination of arithmetic operators complementary to those used at iteration 220 for the encryption cipher.
- the decryption cipher is generated at the decrypting computing device 10 .
- the method also comprises inputting another random number for selecting an operand among a plurality of operands based on the other random number. All the inputted operands are selected based on random numbers. Alternatively, only a subset of the inputted operands is selected based on random numbers. For instance, a ciphering key is decomposed into a plurality of blocks of bits used as operands for the cipher. At a particular iteration of the method, the operation applies to an operand, consisting of a blocks of bits of the ciphering key selected, based on the other random number. Similarly, the binary code of an application is decomposed into a plurality of blocks of bits used as operands for the cipher.
- the operation is applied to an operand consisting of a blocks of bits of the binary code selected based on the other random number.
- the selection of the blocks of bits based on random numbers shall ensure that when all the iterations of the method have been performed, all the blocks of bits of the binary code have been processed by the cipher.
- the other random number is used to determine which among the plurality of blocks of bits shall be used at a particular step of the ciphering algorithm
- ciphering keys used by the cipher are randomly generated, before being decomposed into a plurality of blocks of bits used as operands for the cipher.
- the aforementioned method for binary code obfuscation is applied before applying the current method for securing an application by means of a unique cipher.
- the binary code of an application and/or to be secured is obfuscated according to the aforementioned method, before generating a unique encryption cipher and applying it to the obfuscated binary code according to the current method.
- Instructions of a security program implement the steps of the method for securing an application by means of a unique cipher.
- the instructions are comprised in a computer program product and provide for securing the application and/or data generated by the application by means of the unique cipher, when executed by a processing unit (e.g. 21 or 11 ) of a computing device (e.g. 20 or 10 ).
- FIGS. 1 and 4 a method for securing an application and/or data generated by the application by means of a multi-threaded cipher is described.
- the method divides the execution by a processing unit of instructions for securing the application and/or data generated by the application by applying the cipher into complementary threads.
- the threads are designed so that they need to synchronize in order to provide the final outcome of the application of the cipher.
- the synchronization of the threads is performed without using Operating System (OS) thread synchronization services.
- OS Operating System
- a white-box attack consists in having the ciphering operations under the control of a debugger, allowing attackers to observe the run-time ciphering operations. Thus, it is generally a matter of time before attackers manage to understand the ciphering algorithm and/or seize the secured content.
- the method consists in executing by a processing unit (e.g. 11 or 21 ) of a computing device (e.g. 10 or 20 ) a ciphering function as a plurality of threads.
- a processing unit e.g. 11 or 21
- Each thread comprises instructions that when executed by the processing unit (e.g. 11 or 21 ) apply parts of the cipher to secure the application and/or data generated by the application.
- Two threads of the ciphering function are performed in synchronicity.
- a particular thread can be synchronized with a single or with a plurality of other threads.
- a particular thread can have several different points of synchronization with another particular thread. All the threads may be synchronized with each other, or particular threads may not be synchronized with other threads.
- the synchronization may consist in suspending a first thread until a second thread terminates. Alternatively or complementarily, the synchronization may consist in suspending a first thread until data is received from a second thread.
- Applying the cipher to secure the application and/or data generated by the application consists in encrypting a binary code of the application and/or of the data generated by the application.
- the application of the cipher is performed on an encrypting computing device 20 , which then transfers the encrypted binary code to a decrypting computing device 10 .
- Applying the cipher to secure the application consists in decrypting a binary code of the application and/or of the data generated by the application.
- the application of the cipher is performed on the decrypting computing device 10 , which then executes the secured application after decryption of its binary code.
- Applying the cipher to secure the application also consist in encrypting data generated by the execution of the application. Executing the application and applying the cipher is performed on an encrypting computing device 20 , which then transfers the encrypted data to a decrypting computing device 10 .
- Applying the cipher to secure the application also consists in decrypting encrypted data of the application. Applying the cipher is performed on the decrypting computing device 10 , which has received the encrypted data from the encrypting computing device 20 .
- FIG. 4 illustrates the execution of a ciphering function being divided between three synchronized threads 300 , 310 and 320 .
- the first thread 300 suspends its execution to wait for the calculation of R 2 by the second thread 310 , before calculating R 1 .
- the first thread 300 also suspends its execution until the termination of the second thread 310 , before calculating R 11 .
- the second thread 310 is independent of the other threads.
- the third thread 320 suspends its execution until the termination of the first thread 300 , before calculating R 33 .
- the final outcome of the ciphering function is R 33 , calculated by the third thread 320 .
- Any number of threads may be launched for executing the ciphering function.
- some of the threads may perform no operation related to the cipher, but may be present only to make it more difficult for an attacker to understand the relationships and synchronizations between the threads.
- the plurality of threads may be launched concurrently and may execute in parallel. Alternatively, the plurality of threads may be launched at different moments in time.
- the plurality of threads belongs to a plurality of processes running in different memory spaces.
- the cipher applied by the current method for securing an application by means of a multi-threaded cipher consists in the unique cipher generated by the aforementioned method for securing an application by means of a unique cipher.
- the execution of the instructions of at least one of the plurality of threads comprises performing at least one iteration of: inputting a random number corresponding to a pre-defined operation, inputting at least one operand, and executing instructions for applying the pre-defined operation to the at least one operand.
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-threaded cipher.
- the instructions are comprised in a computer program product and provide for protecting the application by means of the multi-threaded cipher, when executed by a processing unit (e.g. 21 or 11 ) of a computing device (e.g. 20 or 10 ).
- FIGS. 1 and 5 a method for securing an application and/or data generated by the application by means of a multi-level security function is described.
- the method divides the execution by a processing unit of instructions for securing the application into securing instructions included into the application itself (for applying an application part security functions), and into securing instructions included into an operating system (OS) running the application (for applying an OS part security functions).
- This method provides an advantage over software security techniques using a self-protection principle only, which means that protectors are embedded into the protected application only. Conversely, self-protection techniques cannot provide a high level of protection due to the fact that protectors are enabled later in the execution flow of the application.
- launching an application developed in the C programing language requires four stages: loading the binary code of the application from disk into memory, C Run-Time (CRT) libraries initialization (required for lower-level functions such as printf, malloc, etc.), dependency resolution (loading necessary libraries), and starting the execution of the binary code of the application.
- CRT C Run-Time
- the security operations are disabled during the first two stages (which are executed by the OS), and can only be applied from the third stage (which is executed by the application to secure).
- the method consists in executing by a processing unit (e.g. 11 or 21 ) of a computing device (e.g. 10 or 20 ) securing instructions independently stored in the application to secure and in an operating system (OS) running the application to secure.
- the securing instructions stored in the application provide an application part security function and the securing instructions stored in the OS provide an OS part security function.
- the application is secured by executing the application part security function and the OS part security function.
- the securing instructions stored in the OS may include OS kernel instructions, OS services instructions, or a combination of OS kernel instructions and OS services instructions.
- OS kernel instructions protect operations performed by the kernel of the OS (e.g. Input/Output management, virtual memory management, task scheduling, graphic driver management).
- OS services instructions protect operations performed by the services of the OS (e.g. network management, printer management, etc.).
- FIG. 5 illustrates exemplary software layers of a computing device (e.g. 10 or 20 ) for securing an application 400 by means of a multi-level security software.
- the software layers include OS kernel securing instructions for securing the application 400 with an OS part security function 430 , OS services securing instructions for securing the application 400 with an OS services part security function 420 , and application securing instructions for securing the application 400 with one or several application part security functions 410 (although only one is shown on FIG. 5 for simplicity purposes).
- the different levels of securing instructions are configured to work in a stand-alone mode, or in a collaborative mode.
- the securing instructions at the OS level e.g. kernel and services
- OS level e.g. kernel and services
- these securing instructions can protect the application (e.g. 400 ) from the earliest stage. This enables application protection as soon as the application is loaded into memory on the computing device.
- the application part security function 410 includes one or more application protectors, each protector providing particular security functionality.
- the OS services part security function 420 includes one or more service protectors
- the OS kernel part security function 430 includes one or more kernel protectors.
- protectors include: binary code obfuscation, binary code integrity verification (verification that the binary code has not been modified), binary code debug prevention (preventing a dynamic analysis of the execution of the binary code), license verification (verification that a license attached to the binary code is authentic), module authentication (verification that third-party libraries loaded for executing the binary code are authentic), binary code decryption, etc.
- Each type of protector may be executed at the application level, at the service level or at the kernel level.
- FIGS. 6 and 7 illustrate an execution flow 500 of an application 400 protected with securing instructions stored in the application.
- the application 400 stores the following components: a stub, fake protectors for misleading an attacker, application protectors, and the encrypted original binary code of the application.
- the application is first loaded from disk into memory and initialized. Then, the securing instructions 510 are executed. For instance, as illustrated in FIG. 7 , the stub is executed first. The stub performs preliminary security checks, installs the fake protectors and the application protectors, and decrypts the encrypted original binary code of the application. Then, dependency resolution is performed and the execution of the decrypted original binary code of the application is started. The fake protectors and the application protectors are executed as separate threads that run concurrently with the original binary code of the application.
- FIG. 8 illustrates the generation of a protected application, starting from the binary code of the application.
- a stub is selected from a stub library and integrated to the protected application.
- a plurality of protectors are selected from a security library and also integrated to the protected application.
- the binary code is signed, encrypted (using a unique cypher as previously discussed) and enhanced with debug prevention and license verification features. Code obfuscation is applied to the protectors, and may also be applied to the binary code.
- the resulting protected application can be used by the present method for securing an application by means of a multi-level security function, for implementing the application level security function.
- FIG. 9 illustrates an execution flow 600 of an application 610 protected with securing instructions 625 stored in the OS services 620 .
- the securing instructions 625 in the OS services 620 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 610 ).
- the protected application 610 is first loaded from disk into memory and initialized, and then puts itself into suspend mode 615 .
- the securing instructions 625 detect the suspended application 610 and perform security operations specific to the OS services 620 , by executing one or more service protectors. Examples of security functionalities executed by the service protectors include decryption, fixing relocation tables, other dependency resolutions, etc.
- the execution of the binary code of the protected application 610 is then started.
- the securing instructions 625 may perform additional security operations while the secured application 610 is running. When the secured application 610 terminates its execution, the securing instructions 625 remain active (to secure other applications which are still run by the OS).
- FIG. 10 illustrates an execution flow 700 of an application 710 protected with securing instructions 725 stored in the OS kernel 720 .
- the securing instructions 725 in the OS kernel 720 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 710 ).
- the protected application 710 is first loaded from disk into memory and then immediately put into suspend mode.
- the securing instructions 725 detect the suspended application 710 and perform security operations specific to the OS kernel 720 , by executing one or more kernel protectors. Examples of security functionalities executed by the kernel protectors include decryption, fixing relocation tables, other dependency resolutions, etc.
- the secured application 710 is then initialized, additional dependency resolutions may be performed, and execution of the binary code of the protected application 710 is started.
- the securing instructions 725 may perform additional security operations while the secured application 710 is running. When the secured application 710 terminates its execution, the securing instructions 725 remain active (to secure other applications which are still run by the OS).
- the securing instructions 510 of the application in FIG. 6 the securing instructions 625 of the OS services in FIG. 9 , and the securing instructions 725 of the OS kernel in FIG. 10 have been described independently, these securing instructions may be running concurrently to implement the multi-level protection of the application to secure.
- the current method for securing an application by means of a multi-level security function is combined with a multi-threaded execution of the multi-level security function.
- securing the application by executing the application part security function and/or the OS part security function comprises: executing, by the processing unit, the application part security function or the OS part security function as a plurality of threads, with at least two threads being performed in synchronicity.
- Only the application part security function is executed as a plurality of synchronized threads, only the OS part security function is executed as a plurality of synchronized threads, or both the application part and the OS part security functions are executed as a plurality of synchronized threads (in the latter case, threads for the application part and the OS part are synchronized independently of one another, or are also synchronized with one another).
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-level security function.
- the instructions are comprised in a computer program product and provide for protecting the application by means of the multi-level security function, when executed by a processing unit (e.g. 21 or 11 ) of a computing device (e.g. 20 or 10 ).
- a cloud environment is illustrated, where a server 710 and a client 720 communicate via their respective communication interfaces through communication links 730 (e.g. a cellular network, a fixed Internet network, etc.).
- communication links 730 e.g. a cellular network, a fixed Internet network, etc.
- a processing unit 712 of the server 710 executes instruction of the server part 714 (e.g. calculations) of a protected application and a processing unit 722 of the client 720 executes a client part 724 (e.g. a user interface) of the same protected application.
- the processing unit 712 also executes instructions of a server OS 713 and the processing unit 722 also executes instructions of a client OS 723 .
- Securing instructions stored in the client part 724 of the protected application apply a client part security function when executed by the processing unit 722 and securing instructions stored in the server OS 713 apply a server OS part security function when executed by the processing unit 712 .
- securing instructions stored in the client OS 723 also apply a client OS part security function when executed by the processing unit 722 .
- securing instructions stored in the server part 714 of the protected application also apply a server application part security function when executed by the processing unit 712
- FIGS. 1 and 5 a method for securing an application and/or data generated by the application by means of a multi-level cipher is described.
- the method divides the execution by a processing unit of instructions for securing the application into securing instructions included into the application itself (for applying an application cipher part), and into securing instructions included into an operating system (OS) running the application (for applying an OS cipher part).
- OS operating system
- the method consists in executing by a processing unit (e.g. 11 or 21 ) of a computing device (e.g. 10 or 20 ) securing instructions independently stored in the application to secure and in an operating system (OS) running the application to secure.
- the securing instructions stored in the application generate an application cipher part and the securing instructions stored in the OS generate an OS cipher part.
- the application is secured by applying the application cipher part and the OS cipher part.
- the securing instructions stored in the OS may include OS kernel instructions for generating an OS kernel cipher part, OS services instructions for generating an OS services cipher part, or a combination of OS kernel instructions and OS services instructions.
- OS kernel instructions protect operations performed by the kernel of the OS.
- OS services instructions protect operations performed by the services of the OS.
- FIG. 5 illustrates exemplary software layers of a computing device (e.g. 10 or 20 ) for securing an application 400 by means of a multi-level cipher.
- the software layers include OS kernel securing instructions for securing the application 400 with an OS kernel cipher part 430 , OS services securing instructions for securing the application 400 with an OS services cipher part 420 , and application securing instructions for securing the application 400 with an application cipher part 410 .
- the different levels of securing instructions are configured to work in a stand-alone mode, or in a collaborative mode.
- the securing instructions at the OS level e.g. kernel and services
- OS level e.g. kernel and services
- these securing instructions can protect the application (e.g. 400 ) from the earliest stage. This enables application protection as soon as the application is loaded into memory on the computing device.
- FIG. 6 illustrates an execution flow 500 of an application protected with securing instruction stored in the application.
- the application stores the following components: the securing instructions, optionally fake securing instructions for misleading an attacker, and the encrypted original binary code of the application.
- the application is first loaded from disk into memory and initialized. Then the securing instructions 510 are executed. For instance, the securing instructions 510 apply an application cipher part for decrypting the encrypted original binary code of the application. Then, dependency resolution is performed and the execution of the decrypted original binary code of the application is started.
- FIG. 9 illustrates an execution flow 600 of an application 610 protected with securing instructions 625 stored in the OS services 620 .
- the securing instructions 625 in the OS services 620 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 610 ).
- the protected application 610 is first loaded from disk into memory and initialized, and then puts itself into suspend mode 615 .
- the securing instructions 625 detect the suspended application 610 and perform security operations specific to the OS services 620 . For instance, the securing instructions 625 apply an OS services cipher part for decrypting the encrypted original binary code of the application 610 .
- the execution of the decrypted original binary code of the protected application 610 is then started.
- the securing instructions 625 remain active (to secure other applications which are still run by the OS).
- FIG. 10 illustrates an execution flow 700 of an application 710 protected with securing instructions 725 stored in the OS kernel 720 .
- the securing instructions 725 in the OS kernel 720 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 710 ).
- the protected application 710 is first loaded from disk into memory and then immediately put into suspend mode.
- the securing instructions 725 detect the suspended application 710 and perform security operations specific to the OS kernel 720 . For instance, the securing instructions 725 apply an OS kernel cipher part for decrypting the encrypted original binary code of the application 710 .
- the secured application 710 is then initialized, dependency resolution is performed, and execution of the decrypted original binary code of the protected application 710 is started.
- the securing instructions 725 remain active (to secure other applications which are still run by the OS).
- the securing instructions 510 of the application in FIG. 6 the securing instructions 625 of the OS services in FIG. 9 , and the securing instructions 725 of the OS kernel in FIG. 10 have been described independently, these securing instructions may be running concurrently to implement the multi-level protection of the application to secure.
- securing the application by applying the application cipher part and the OS cipher part consists in decrypting a binary code of the application.
- the application of the cipher is performed on a decrypting computing device 10 , which then executes the secured application after decryption of its binary code.
- Securing the application by applying the application cipher part and/or the OS cipher part also consist in encrypting data generated by the execution of the application.
- the data is generated at the application level and/or at the OS level, and are encrypted by the corresponding cipher part.
- Executing the application and applying the cipher is performed on an encrypting computing device 20 , which then transfers the encrypted data to a decrypting computing device 10 .
- the cipher applied by the current method for securing an application by means of a multi-level cipher consists in the unique cipher generated by the aforementioned method for securing an application by means of a unique cipher.
- securing the application by applying the application cipher part and/or the OS cipher part comprises performing at least one iteration of: inputting a random number corresponding to a pre-defined operation, inputting at least one operand, and executing instructions for applying the pre-defined operation to the at least one operand.
- securing the application by applying the application cipher part and/or the OS cipher part comprises: executing, by the processing unit, the application cipher part or the OS cipher part as a plurality of threads, with at least two threads being performed in synchronicity.
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-level cipher.
- the instructions are comprised in a computer program product and provide for protecting the application by means of the multi-level cipher, when executed by a processing unit (e.g. 21 or 11 ) of a computing device (e.g. 20 or 10 ).
Abstract
Description
- The present disclosure relates to the field of software security. More specifically, the present disclosure relates to methods for securing an application and/or data generated by the application.
- Data ciphering is used in a plurality of contexts where sensitive data need to be protected from reading, alteration, copy, etc. Data ciphering includes a first step where the sensitive data are encrypted at a first entity (e.g. a computing device, a server, etc.). The encrypted data are then transmitted to a second entity (e.g. another computing device, another server, etc.). Data ciphering includes a second step where the encrypted data are decrypted at the second entity to recover the sensitive data. The recovered sensitive data can then be processed at the second entity.
- Data ciphering can be used to secure an application, for instance by using a cipher to encrypt/decrypt data generated by the execution of the application.
- Data ciphering is based on the encryption/decryption of the sensitive data by encryption keys (e.g. symmetric keys or asymmetric public/private keys). The strength of a cipher (aka a ciphering algorithm) depends on several parameters, including the length of the ciphering key(s), the algorithm for generating the ciphering key(s), etc. However, it has been proven in the past that ciphers, which could supposedly not be tampered, were in fact vulnerable to tampering attacks. One type of attack consists in brute force attack, where the advances in computing technologies provide enough processing power to break a cipher that could not be broken in the past due to a lack of adequate processing power. Another type of attack consists in retro-engineering of ciphers. For instance, by studying published data about a cipher, an attacker can find vulnerability in the cipher and use it to break it. Alternatively, by analyzing the execution by a processor of software instructions implementing a cipher, an attacker can determine how the cipher operates and use this knowledge to break it.
- Although a lot of efforts and knowledge in the cryptographic field have been dedicated to designing robust ciphers, there is no warranty that any cipher is a hundred percent safe. Furthermore, most of the efforts have been concentrated on the cryptographic aspects of ciphers. However, adding complexity to the execution of a cipher by a processing unit of a computing device improves its robustness, by making it more difficult for an attacker to retro-engineer the cipher.
- Therefore, there is a need for new methods for securing an application, including new methods of using a cipher to protect an application.
- In accordance with a first aspect, the present disclosure relates to a method for securing data by means of a unique cipher. The method comprises generating the unique cipher by a processing unit, by performing at least one iteration of: inputting a random number, the random number corresponding to a pre-defined operation stored in memory; inputting at least one operand; and executing instructions for applying the pre-defined operation to the at least one operand.
- In accordance with a second aspect, the present disclosure relates to a method for securing data by means of a multi-threaded cipher. The method comprises executing, by a processing unit, a ciphering function as a plurality of threads. Each thread comprises instructions, that when executed by the processing unit, apply parts of the cipher to secure the data. Two threads of the ciphering function may be performed in synchronicity.
- In accordance with a third aspect, the present disclosure relates to a method for securing an application and/or data generated by the application by means of a multi-level cipher. The method comprises executing, by a processing unit, securing instructions independently stored in the application and in an operating system (OS) running the application. The securing instructions stored in the application generate an application cipher part and the securing instructions stored in the OS generate an OS cipher part. The application and/or the data generated by the application is/are secured by applying the application cipher part and the OS cipher part.
- In accordance with a fourth aspect, the present disclosure relates to a method for securing an application by means of a multi-level security function(s). The method comprises executing, by a processing unit, securing instructions independently stored in the application and in an operating system (OS) running the application. The securing instructions stored in the application provide an application part security function and the securing instructions stored in the OS provide an OS part security function. The application is secured by executing the application part security functions and the OS part security function(s).
- Embodiments of the disclosure will be described by way of example only with reference to the accompanying drawings, in which:
-
FIG. 1 illustrates computing devices for carrying out ciphering operations; -
FIG. 2 illustrates a decompilation of a set of instructions; -
FIG. 3 illustrates an array of pre-defined arithmetic operators for generating a unique cipher; -
FIG. 4 illustrates multi-threaded ciphering operations; -
FIG. 5 illustrates software layers of a computing device for protecting an application by means of a multi-level cipher; -
FIGS. 6 and 7 illustrate an execution flow of an application protected with securing instructions stored in the application; -
FIG. 8 illustrates the generation of a protected application starting from its binary code; -
FIG. 9 illustrates an execution flow of an application protected with securing instructions stored in OS services; -
FIG. 10 illustrates an execution flow of an application protected with securing instructions stored in an OS kernel; and -
FIG. 11 illustrates a multi-level cipher in a cloud environment. - The foregoing and other features will become more apparent upon reading of the following non-restrictive description of illustrative embodiments thereof, given by way of example only with reference to the accompanying drawings. Like numerals represent like features on the various drawings.
- The following terminology is used throughout the present disclosure:
- Cipher: a cipher (or ciphering algorithm) is an algorithm for performing encryption or decryption of data. Encryption and decryption are complementary operations: source data are first encrypted (by an encryption cipher) and the encrypted data are later decrypted (by a complementary decryption cipher) to recover the source data. Ciphers are distinguished by the type of key used: symmetric key algorithms where the same key is used for encryption and decryption, and asymmetric key algorithms where two different keys are used for encryption and decryption. Ciphers are also distinguished by the type of input data: block ciphers which encrypt block of data of fixed size, and stream ciphers which encrypt continuous streams of data.
- Application: a computer program (also referred to as a software program) comprising instructions that when executed by a processing unit of a computing device performs a specific task on the computing device (e.g. implement a method on the computing device). The instructions of the computer program are referred to as the binary code of the computer program. In the present disclosure, the term application refers to a computer program that can be secured via different means detailed in the following.
- Multi-threading: in the context of the present specification, the expression ‘multi-threading’ refers to multiple threads executed from different entities, such as the application and the OS. The threads located outside the protected application are not visible (accessible) from the application. The protected application does not know that it is protected from outside, and there is no communication from the application to the protectors located in the OS.
- The present disclosure specifically addresses the usage of ciphers to secure data such as applications, in particular to prevent tampering of the binary code of an application, and the data generated by the application. When in clear, the binary code of an application and/or of the data generated by the application can be retro-engineered by an attacker. For instance, by analyzing any particular set of instructions of the binary code, the attacker is capable of determining the purpose of this particular set of instructions or data. Then, the attacker can modify this particular set of instructions or the data generated by the particular set of instructions, so that when executed on a processing unit of a computing device, an unexpected action is performed to the benefit of the attacker (e.g. retrieving sensitive data generated or received by the application, and transmitting these sensitive data to a remote computing device under the control of the attacker). In the following, several methods for securing an application and/or data generated by the application are described.
- Referring now to
FIG. 1 ,computing devices - The
computing device 10 comprises aprocessing unit 11, having one or more processors (not represented inFIG. 1 ) capable of executing instructions of a computer program. Each processor may further have one or several cores. Thecomputing device 10 also comprisesmemory 12 for storing instructions of the computer program, data generated by the execution of the computer program, etc. Only asingle memory 12 is represented inFIG. 1 , but thecomputing device 10 may comprise several types of memories, including volatile memory (such as a volatile Random Access Memory (RAM)) and non-volatile memory (such as a hard drive). Furthermore, although thememory 12 is shown as a separate entity from theprocessing unit 11, those skilled in the art will understand that the memory could be integral with theprocessing unit 11. Thecomputing device 20 is similar to thecomputing device 10 and also comprises aprocessing unit 21 andmemory 22, and again, thememory 22 could alternately be integral with theprocessing unit 21. - The
computing devices computing devices - Instructions of a security program implement the steps of a method for securing the application and/or data generated by the application. The instructions are comprised in a computer program product and provide for securing the application and/or data generated by the application, when executed by a processor of the
processing units computing devices computing device 20 is referred to as the encrypting computing device and applies an encryption cipher, while thecomputing device 10 is referred to as the decrypting computing device and applies a complementary decryption cipher. - The
computing devices FIG. 1 are for exemplary purposes only, and are not intended to limit the scope of the present disclosure. Examples ofcomputing devices - Referring now concurrently to
FIGS. 1 and 2 , a method for binary code obfuscation is described. - The method comprises decompilation of an original binary code, followed by an insertion of additional instructions in the original binary code to obfuscate it (and thus make it less understandable by an attacker).
- The binary code of an application consists of base instructions and control instructions. Base instructions compose basic blocks of instructions that execute sequentially. Control instructions are instructions with the capability to change the control flow (e.g. jumps, conditions, calls and return instructions) of the application.
- The decompilation step consists in identifying all basic blocks and their relationships (by identifying control instructions linking the basic blocks together).
FIG. 2 represents of a set ofinstructions 100 with four identified basic blocks (A, B, C and D).FIG. 2 also represents therelationships 110 between the basic blocs (A, B, C and D). - The second step consisting in inserting additional instructions in order to obfuscate the binary code may be performed in several ways. For instance, new instructions may be added to existing basic blocks or additional basic blocks with new instructions may be added. Alternatively or complementarily, existing control instructions may be modified or new control instructions may be added to alter the relationships between the basic blocks. However, the inserted additional instructions only add complexity to the execution of the application, without modifying the specific task performed by the application.
- Referring to
FIG. 2 , the set ofinstructions 100 comprises the control instruction: if (condition). Assuming the value of condition is a variable c1, the control instruction is altered by changing the value of condition to c1·c2+c2′, where c2 and c2′ are variables introduced to complicate the condition evaluation. Instructions can be further added to basic block A to affect thevalues 1 to c2 and 0 to c2′. Thus, the altered set ofinstructions 100 performs the same task as the original set ofinstructions 100, but in a more complex manner due to the introduction of additional instructions. - Instructions of a security program implement the steps of the method for binary code obfuscation. The instructions are comprised in a computer program product and provide for binary code obfuscation, when executed by a processing unit (e.g. 21 or 11) of a computing device (e.g. 20 or 10).
- Although the concept of binary obfuscation has been described in the context of instructions of an application, those skilled in the art will appreciate that the concept of binary obfuscation could also be used for inserting unnecessary bits to data generated by the application.
- Method for Securing an Application and/or Data Generated by the Application by Means of a Unique Cipher
- Referring now concurrently to
FIGS. 1 and 3 , a method for securing an application and/or data generated by the application by means of a unique cipher is described. - The method automatically generates a unique cipher for encrypting an application and/or data generated by the application that needs to be secured. The method relies on randomly choosing operations (and optionally operands) to generate the encryption cipher. A complementary cipher for decrypting the application and/or data generated by the application is also generated, and consists of complementary operations from those used to generate the encryption cipher. Since a unique cipher is generated and used to secure a specific application and/or data generated by the specific application, an attacker succeeding in breaking the security of this specific application and/or data cannot use this knowledge to break the security of another application and/or data protected by another unique cipher.
- The method comprises generating the unique cipher by a processing unit (e.g. 11 or 21) of a computing device (e.g. 10 or 20) by performing at least one iteration of the following steps.
- The step of inputting a random number corresponding to a pre-defined operation: a memory (e.g. 12 or 22) of the computing device (e.g. 10 or 20) stores a plurality of pre-defined operations, and the random number uniquely identifies one among the plurality of pre-defined operations. Alternatively, the memory (e.g. 12 or 22) may store a plurality of pre-defined operators, and the random number uniquely identifies a combination of at least one among the plurality of pre-defined operators, to generate the pre-defined operation.
- The step of inputting at least one operand.
- The step of executing instructions for applying the pre-defined operation to the at least one operand.
- The unique cipher consists of an encryption cipher generated at the encrypting computing device 20: inputting the random number consists in generating the random number by the
processing unit 21 and inputting the at least one operand consists in retrieving the operand(s) from thememory 22 where it is stored. - The unique cipher also consists of a complementary decryption cipher generated at the
decrypting computing device 10. Data encrypted with the encryption cipher at theencrypting computing device 20 are decrypted with the complementary decryption cipher at thedecrypting computing device 10. Inputting the random number consists in receiving the random number generated at thecomputing device 20 via thecommunication interface 13. The random number is transmitted from thecomputing device 20 to thecomputing device 10 via the communication interfaces 23 and 13 through the communication links 30, in a secure manner. The received random number is stored in thememory 12 of thecomputing device 10, and used at any time for generating the unique decryption cipher. The unique decryption cipher may be generated by the application, by the OS, or by a combination thereof. Similarly, inputting the at least one operand consists in receiving (via the communication interface 13) operand(s) used at thecomputing device 20 for generating the encryption cipher. The received operand(s) is stored in thememory 12 of thecomputing device 10, and used at any time for generating the unique decryption cipher. - The plurality of pre-defined operations may be stored for example in an array in a memory (e.g. 12 or 22). The random number is an index of the array and identifies a particular operation among the plurality of operations. Other methods for correlating the random number to pre-defined operations could alternately be used.
- The pre-defined operation consists in a combination of at least one of the following arithmetic operators: addition, subtraction, multiplication, division, bit shifting, logical negation, logical and, logical inclusive or, and logical exclusive or, etc.
- The plurality of pre-defined arithmetic operators may also be stored in an array in a memory (e.g. 12 or 22). The random number corresponds to at least one index of the array and identifies at least one particular arithmetic operator among the plurality of arithmetic operators, as will be illustrated later in relation to
FIG. 3 . Other methods for correlating the random number to pre-defined arithmetic operators could alternately be used. - The operand consists of one of the following: a block of instructions of an application to secure, a block of data generated by the execution by a processing unit of instructions of an application to secure, a block of bits of a ciphering key, etc.
- The generated unique cipher is used for securing an application by encrypting a binary code of the application. For instance, at the
encrypting computing device 20, some or each iteration of the method consists in applying a pre-defined operation to one of, or a combination of, the following operands: a block of instructions of the binary code of the application to secure, and a block of bits of a ciphering key. - The generated unique cipher is used for securing an application by decrypting an encrypted binary code of the application. For instance, at the
decrypting computing device 10, each iteration of the method consists in applying a pre-defined operation (complementary to the encrypting pre-defined operation) to one of, or a combination of, the following operands: a block of encrypted instructions of the binary code of the application to secure, and a block of bits of a ciphering key. - The generated unique cipher is also used for securing an application by encrypting data generated by the application. For instance, at the
encrypting computing device 20, each iteration of the method consists in applying a pre-defined operation to one of, or a combination of, the following operands: a block of data generated by the execution by theprocessing unit 21 of instructions of the application to secure, and a block of bits of a ciphering key. - The generated unique cipher is also used for securing an application by decrypting encrypted data of the application. For instance, at the
decrypting computing device 10, some or each iteration of the method consists in applying a pre-defined operation (complementary to the encrypting pre-defined operation) to one of, or a combination of, the following operands: a block of encrypted data of the application, and a block of bits of a ciphering key. The block of encrypted data of the application has been generated by the secured application executed on thecomputing device 20, encrypted on thecomputing device 20, and transmitted to thecomputing device 10. - The term ciphering key is used generically for a key used for generating and applying an encryption cipher as well as a decryption cipher. It may be a symmetric or an asymmetric ciphering key.
- The processing unit (e.g. 11 or 21) generally performs a plurality of iterations for generating the unique cipher. For instance, the binary code of an application to be secured can be divided into N blocks of bits, and the processing unit may perform N iterations to generate the unique cipher. At each iteration, one of the N blocks of bits is inputted as an operand. Furthermore, the result of applying the pre-defined operation to the at least one operand for one iteration is an operand for another iteration.
- Applying the pre-defined operation to the at least one operand may consist in applying the pre-defined operation to a single operand (e.g. a logical negation of an operand). It may also consist in applying the pre-defined operation to more than one operand (e.g. a logical and between two operands, the addition of three operands, etc.).
- In the case where the predefined operation consists in a combination of pre-defined operators (e.g. arithmetic operators), the pre-defined operation is generally applied to several operands (e.g. addition of a first operand with a second operand, followed by the subtraction of a third operand).
-
FIG. 3 illustrates the generation of encryption and decryption ciphers, where the pre-defined operations consist in combinations of pre-defined arithmetic operators. Thearray 200 represented inFIG. 3 comprises the following pre-defined arithmetic operators: addition atindex 0, subtraction atindex 1, left bit shifting atindex 2, right bit shifting atindex 3, multiplication atindex 4, division atindex 5, logical exclusive or atindex 6, logical and atindex 7, and logical negation atindex 8. The arithmetic operators represented inFIG. 3 are for illustration purposes only. Additional or different operators may be used, the order of the operators may be different, the operators may be organized in a different manner, etc. A firstrandom number 210 is inputted, having the value 0x12, which corresponds toindex array 200. Thus, the corresponding operation is a combination of a right bit shifting and a logical exclusive or. A secondrandom number 220 is inputted, having the value 0x89, which corresponds toindex array 200. Thus, the corresponding operation is a combination of an addition, a multiplication and a division. - A
first iteration 230 of the generation of the encryption cipher consists in inputting the firstrandom number 210, inputting operands Op1, Op2, and Op3, and applying the corresponding operation to the inputted operands. Asecond iteration 240 of the generation of the encryption cipher consists in inputting the secondrandom number 220, inputting operands Op1, Op2, Op3 and Op4, and applying the corresponding operation to the inputted operands. The encryption cipher is generated at theencrypting computing device 20. - A
first iteration 250 of the generation of the decryption cipher consists in inputting the firstrandom number 210, inputting operands Op1, Op2, and Op3, and applying the corresponding operation to the inputted operands. The corresponding operation consists of a combination of arithmetic operators complementary to those used atiteration 210 for the encryption cipher. Asecond iteration 260 of the generation of the decryption cipher consists in inputting the secondrandom number 220, inputting operands Op1, Op2, Op3 and Op4, and applying the corresponding operation to the inputted operands. The corresponding operation consists of a combination of arithmetic operators complementary to those used atiteration 220 for the encryption cipher. The decryption cipher is generated at thedecrypting computing device 10. - In a particular aspect, the method also comprises inputting another random number for selecting an operand among a plurality of operands based on the other random number. All the inputted operands are selected based on random numbers. Alternatively, only a subset of the inputted operands is selected based on random numbers. For instance, a ciphering key is decomposed into a plurality of blocks of bits used as operands for the cipher. At a particular iteration of the method, the operation applies to an operand, consisting of a blocks of bits of the ciphering key selected, based on the other random number. Similarly, the binary code of an application is decomposed into a plurality of blocks of bits used as operands for the cipher. At a particular iteration of the method, the operation is applied to an operand consisting of a blocks of bits of the binary code selected based on the other random number. In this particular aspect, the selection of the blocks of bits based on random numbers shall ensure that when all the iterations of the method have been performed, all the blocks of bits of the binary code have been processed by the cipher.
- The other random number is used to determine which among the plurality of blocks of bits shall be used at a particular step of the ciphering algorithm
- In another particular aspect, ciphering keys used by the cipher are randomly generated, before being decomposed into a plurality of blocks of bits used as operands for the cipher.
- In still another particular aspect, the aforementioned method for binary code obfuscation is applied before applying the current method for securing an application by means of a unique cipher. For instance, the binary code of an application and/or to be secured is obfuscated according to the aforementioned method, before generating a unique encryption cipher and applying it to the obfuscated binary code according to the current method.
- Instructions of a security program implement the steps of the method for securing an application by means of a unique cipher. The instructions are comprised in a computer program product and provide for securing the application and/or data generated by the application by means of the unique cipher, when executed by a processing unit (e.g. 21 or 11) of a computing device (e.g. 20 or 10).
- Method for Securing an Application and/or Data Generated by the Application by Means of a Multi-threaded Cipher
- Referring now concurrently to
FIGS. 1 and 4 , a method for securing an application and/or data generated by the application by means of a multi-threaded cipher is described. - The method divides the execution by a processing unit of instructions for securing the application and/or data generated by the application by applying the cipher into complementary threads. The threads are designed so that they need to synchronize in order to provide the final outcome of the application of the cipher. The synchronization of the threads is performed without using Operating System (OS) thread synchronization services. By using a plurality of threads, an analysis of the ciphering operations becomes more difficult for an attacker, since debugging multi-threaded applications with a large degree of synchronization is far more difficult in comparison with applications executing as a single thread. In particular, white-box attacks are less effective in a multi-threaded environment. A white-box attack consists in having the ciphering operations under the control of a debugger, allowing attackers to observe the run-time ciphering operations. Thus, it is generally a matter of time before attackers manage to understand the ciphering algorithm and/or seize the secured content.
- The method consists in executing by a processing unit (e.g. 11 or 21) of a computing device (e.g. 10 or 20) a ciphering function as a plurality of threads. Each thread comprises instructions that when executed by the processing unit (e.g. 11 or 21) apply parts of the cipher to secure the application and/or data generated by the application. Two threads of the ciphering function are performed in synchronicity.
- A particular thread can be synchronized with a single or with a plurality of other threads. A particular thread can have several different points of synchronization with another particular thread. All the threads may be synchronized with each other, or particular threads may not be synchronized with other threads.
- The synchronization may consist in suspending a first thread until a second thread terminates. Alternatively or complementarily, the synchronization may consist in suspending a first thread until data is received from a second thread.
- Applying the cipher to secure the application and/or data generated by the application consists in encrypting a binary code of the application and/or of the data generated by the application. The application of the cipher is performed on an
encrypting computing device 20, which then transfers the encrypted binary code to adecrypting computing device 10. - Applying the cipher to secure the application consists in decrypting a binary code of the application and/or of the data generated by the application. The application of the cipher is performed on the
decrypting computing device 10, which then executes the secured application after decryption of its binary code. - Applying the cipher to secure the application also consist in encrypting data generated by the execution of the application. Executing the application and applying the cipher is performed on an
encrypting computing device 20, which then transfers the encrypted data to adecrypting computing device 10. - Applying the cipher to secure the application also consists in decrypting encrypted data of the application. Applying the cipher is performed on the
decrypting computing device 10, which has received the encrypted data from the encryptingcomputing device 20. -
FIG. 4 illustrates the execution of a ciphering function being divided between threesynchronized threads first thread 300 suspends its execution to wait for the calculation of R2 by thesecond thread 310, before calculating R1. Thefirst thread 300 also suspends its execution until the termination of thesecond thread 310, before calculating R11. Thesecond thread 310 is independent of the other threads. Thethird thread 320 suspends its execution until the termination of thefirst thread 300, before calculating R33. The final outcome of the ciphering function is R33, calculated by thethird thread 320. - Any number of threads may be launched for executing the ciphering function. In particular, some of the threads may perform no operation related to the cipher, but may be present only to make it more difficult for an attacker to understand the relationships and synchronizations between the threads. The plurality of threads may be launched concurrently and may execute in parallel. Alternatively, the plurality of threads may be launched at different moments in time.
- In a particular aspect, the plurality of threads belongs to a plurality of processes running in different memory spaces.
- In another particular aspect, the cipher applied by the current method for securing an application by means of a multi-threaded cipher consists in the unique cipher generated by the aforementioned method for securing an application by means of a unique cipher. Hence, the execution of the instructions of at least one of the plurality of threads comprises performing at least one iteration of: inputting a random number corresponding to a pre-defined operation, inputting at least one operand, and executing instructions for applying the pre-defined operation to the at least one operand.
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-threaded cipher. The instructions are comprised in a computer program product and provide for protecting the application by means of the multi-threaded cipher, when executed by a processing unit (e.g. 21 or 11) of a computing device (e.g. 20 or 10).
- Method for Securing an Application and/or Data Generated by the Application by Means of a Multi-Level Security Functions
- Referring now concurrently to
FIGS. 1 and 5 , a method for securing an application and/or data generated by the application by means of a multi-level security function is described. - The method divides the execution by a processing unit of instructions for securing the application into securing instructions included into the application itself (for applying an application part security functions), and into securing instructions included into an operating system (OS) running the application (for applying an OS part security functions). This method provides an advantage over software security techniques using a self-protection principle only, which means that protectors are embedded into the protected application only. Conversely, self-protection techniques cannot provide a high level of protection due to the fact that protectors are enabled later in the execution flow of the application. For example, launching an application developed in the C programing language requires four stages: loading the binary code of the application from disk into memory, C Run-Time (CRT) libraries initialization (required for lower-level functions such as printf, malloc, etc.), dependency resolution (loading necessary libraries), and starting the execution of the binary code of the application. In the case of self-protection techniques, the security operations are disabled during the first two stages (which are executed by the OS), and can only be applied from the third stage (which is executed by the application to secure).
- The method consists in executing by a processing unit (e.g. 11 or 21) of a computing device (e.g. 10 or 20) securing instructions independently stored in the application to secure and in an operating system (OS) running the application to secure. The securing instructions stored in the application provide an application part security function and the securing instructions stored in the OS provide an OS part security function. The application is secured by executing the application part security function and the OS part security function.
- The securing instructions stored in the OS may include OS kernel instructions, OS services instructions, or a combination of OS kernel instructions and OS services instructions. OS kernel instructions protect operations performed by the kernel of the OS (e.g. Input/Output management, virtual memory management, task scheduling, graphic driver management). OS services instructions protect operations performed by the services of the OS (e.g. network management, printer management, etc.).
-
FIG. 5 illustrates exemplary software layers of a computing device (e.g. 10 or 20) for securing anapplication 400 by means of a multi-level security software. The software layers include OS kernel securing instructions for securing theapplication 400 with an OSpart security function 430, OS services securing instructions for securing theapplication 400 with an OS servicespart security function 420, and application securing instructions for securing theapplication 400 with one or several application part security functions 410 (although only one is shown onFIG. 5 for simplicity purposes). - The different levels of securing instructions (e.g. application level, OS services level and OS kernel level) are configured to work in a stand-alone mode, or in a collaborative mode. The securing instructions at the OS level (e.g. kernel and services) are active all the time, since they are loaded by the OS at boot time. Therefore, these securing instructions can protect the application (e.g. 400) from the earliest stage. This enables application protection as soon as the application is loaded into memory on the computing device.
- The application
part security function 410 includes one or more application protectors, each protector providing particular security functionality. Similarly, the OS servicespart security function 420 includes one or more service protectors, and the OS kernelpart security function 430 includes one or more kernel protectors. Examples of protectors include: binary code obfuscation, binary code integrity verification (verification that the binary code has not been modified), binary code debug prevention (preventing a dynamic analysis of the execution of the binary code), license verification (verification that a license attached to the binary code is authentic), module authentication (verification that third-party libraries loaded for executing the binary code are authentic), binary code decryption, etc. Each type of protector may be executed at the application level, at the service level or at the kernel level. -
FIGS. 6 and 7 illustrate anexecution flow 500 of anapplication 400 protected with securing instructions stored in the application. Theapplication 400 stores the following components: a stub, fake protectors for misleading an attacker, application protectors, and the encrypted original binary code of the application. - The application is first loaded from disk into memory and initialized. Then, the securing
instructions 510 are executed. For instance, as illustrated inFIG. 7 , the stub is executed first. The stub performs preliminary security checks, installs the fake protectors and the application protectors, and decrypts the encrypted original binary code of the application. Then, dependency resolution is performed and the execution of the decrypted original binary code of the application is started. The fake protectors and the application protectors are executed as separate threads that run concurrently with the original binary code of the application. -
FIG. 8 illustrates the generation of a protected application, starting from the binary code of the application. A stub is selected from a stub library and integrated to the protected application. A plurality of protectors are selected from a security library and also integrated to the protected application. The binary code is signed, encrypted (using a unique cypher as previously discussed) and enhanced with debug prevention and license verification features. Code obfuscation is applied to the protectors, and may also be applied to the binary code. The resulting protected application can be used by the present method for securing an application by means of a multi-level security function, for implementing the application level security function. -
FIG. 9 illustrates anexecution flow 600 of anapplication 610 protected with securinginstructions 625 stored in the OS services 620. The securinginstructions 625 in theOS services 620 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 610). The protectedapplication 610 is first loaded from disk into memory and initialized, and then puts itself into suspendmode 615. The securinginstructions 625 detect the suspendedapplication 610 and perform security operations specific to theOS services 620, by executing one or more service protectors. Examples of security functionalities executed by the service protectors include decryption, fixing relocation tables, other dependency resolutions, etc. The execution of the binary code of the protectedapplication 610 is then started. The securinginstructions 625 may perform additional security operations while thesecured application 610 is running. When thesecured application 610 terminates its execution, the securinginstructions 625 remain active (to secure other applications which are still run by the OS). -
FIG. 10 illustrates anexecution flow 700 of anapplication 710 protected with securinginstructions 725 stored in theOS kernel 720. The securinginstructions 725 in theOS kernel 720 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 710). The protectedapplication 710 is first loaded from disk into memory and then immediately put into suspend mode. The securinginstructions 725 detect the suspendedapplication 710 and perform security operations specific to theOS kernel 720, by executing one or more kernel protectors. Examples of security functionalities executed by the kernel protectors include decryption, fixing relocation tables, other dependency resolutions, etc. Thesecured application 710 is then initialized, additional dependency resolutions may be performed, and execution of the binary code of the protectedapplication 710 is started. The securinginstructions 725 may perform additional security operations while thesecured application 710 is running. When thesecured application 710 terminates its execution, the securinginstructions 725 remain active (to secure other applications which are still run by the OS). - Although the securing
instructions 510 of the application inFIG. 6 , the securinginstructions 625 of the OS services inFIG. 9 , and the securinginstructions 725 of the OS kernel inFIG. 10 have been described independently, these securing instructions may be running concurrently to implement the multi-level protection of the application to secure. - In a particular aspect, the current method for securing an application by means of a multi-level security function is combined with a multi-threaded execution of the multi-level security function. Hence, securing the application by executing the application part security function and/or the OS part security function comprises: executing, by the processing unit, the application part security function or the OS part security function as a plurality of threads, with at least two threads being performed in synchronicity. Only the application part security function is executed as a plurality of synchronized threads, only the OS part security function is executed as a plurality of synchronized threads, or both the application part and the OS part security functions are executed as a plurality of synchronized threads (in the latter case, threads for the application part and the OS part are synchronized independently of one another, or are also synchronized with one another).
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-level security function. The instructions are comprised in a computer program product and provide for protecting the application by means of the multi-level security function, when executed by a processing unit (e.g. 21 or 11) of a computing device (e.g. 20 or 10).
- Referring now to
FIG. 11 , a cloud environment is illustrated, where aserver 710 and aclient 720 communicate via their respective communication interfaces through communication links 730 (e.g. a cellular network, a fixed Internet network, etc.). - A
processing unit 712 of theserver 710 executes instruction of the server part 714 (e.g. calculations) of a protected application and aprocessing unit 722 of theclient 720 executes a client part 724 (e.g. a user interface) of the same protected application. Theprocessing unit 712 also executes instructions of aserver OS 713 and theprocessing unit 722 also executes instructions of aclient OS 723. - Securing instructions stored in the
client part 724 of the protected application apply a client part security function when executed by theprocessing unit 722 and securing instructions stored in theserver OS 713 apply a server OS part security function when executed by theprocessing unit 712. Optionally, securing instructions stored in theclient OS 723 also apply a client OS part security function when executed by theprocessing unit 722. Optionally, securing instructions stored in theserver part 714 of the protected application also apply a server application part security function when executed by theprocessing unit 712 - Other combinations of securing instructions respectively stored in the
client part 724 of the protected application for applying a client application part security function, in theserver OS 713 for applying a server OS part security function, in theclient OS 723 for applying a client OS part security function, and in theserver part 714 of the protected application for applying a server application part security function may also be considered by a person skilled in the art. - Method for Securing an Application and/or Data Generated by the Application by Means of a Multi-Level Cipher
- Referring now concurrently to
FIGS. 1 and 5 , a method for securing an application and/or data generated by the application by means of a multi-level cipher is described. - The method divides the execution by a processing unit of instructions for securing the application into securing instructions included into the application itself (for applying an application cipher part), and into securing instructions included into an operating system (OS) running the application (for applying an OS cipher part).
- The method consists in executing by a processing unit (e.g. 11 or 21) of a computing device (e.g. 10 or 20) securing instructions independently stored in the application to secure and in an operating system (OS) running the application to secure. The securing instructions stored in the application generate an application cipher part and the securing instructions stored in the OS generate an OS cipher part. The application is secured by applying the application cipher part and the OS cipher part.
- The securing instructions stored in the OS may include OS kernel instructions for generating an OS kernel cipher part, OS services instructions for generating an OS services cipher part, or a combination of OS kernel instructions and OS services instructions. OS kernel instructions protect operations performed by the kernel of the OS. OS services instructions protect operations performed by the services of the OS.
-
FIG. 5 illustrates exemplary software layers of a computing device (e.g. 10 or 20) for securing anapplication 400 by means of a multi-level cipher. The software layers include OS kernel securing instructions for securing theapplication 400 with an OSkernel cipher part 430, OS services securing instructions for securing theapplication 400 with an OSservices cipher part 420, and application securing instructions for securing theapplication 400 with anapplication cipher part 410. - The different levels of securing instructions (e.g. application level, OS services level and OS kernel level) are configured to work in a stand-alone mode, or in a collaborative mode. The securing instructions at the OS level (e.g. kernel and services) are active all the time, since they are loaded by the OS at boot time. Therefore, these securing instructions can protect the application (e.g. 400) from the earliest stage. This enables application protection as soon as the application is loaded into memory on the computing device.
-
FIG. 6 illustrates anexecution flow 500 of an application protected with securing instruction stored in the application. The application stores the following components: the securing instructions, optionally fake securing instructions for misleading an attacker, and the encrypted original binary code of the application. - The application is first loaded from disk into memory and initialized. Then the securing
instructions 510 are executed. For instance, the securinginstructions 510 apply an application cipher part for decrypting the encrypted original binary code of the application. Then, dependency resolution is performed and the execution of the decrypted original binary code of the application is started. -
FIG. 9 illustrates anexecution flow 600 of anapplication 610 protected with securinginstructions 625 stored in the OS services 620. The securinginstructions 625 in theOS services 620 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 610). The protectedapplication 610 is first loaded from disk into memory and initialized, and then puts itself into suspendmode 615. The securinginstructions 625 detect the suspendedapplication 610 and perform security operations specific to the OS services 620. For instance, the securinginstructions 625 apply an OS services cipher part for decrypting the encrypted original binary code of theapplication 610. The execution of the decrypted original binary code of the protectedapplication 610 is then started. When thesecured application 610 terminates its execution, the securinginstructions 625 remain active (to secure other applications which are still run by the OS). -
FIG. 10 illustrates anexecution flow 700 of anapplication 710 protected with securinginstructions 725 stored in theOS kernel 720. The securinginstructions 725 in theOS kernel 720 are running all the time and are constantly scanning applications currently run by the OS, to identify protected applications (e.g. 710). The protectedapplication 710 is first loaded from disk into memory and then immediately put into suspend mode. The securinginstructions 725 detect the suspendedapplication 710 and perform security operations specific to theOS kernel 720. For instance, the securinginstructions 725 apply an OS kernel cipher part for decrypting the encrypted original binary code of theapplication 710. Thesecured application 710 is then initialized, dependency resolution is performed, and execution of the decrypted original binary code of the protectedapplication 710 is started. When thesecured application 710 terminates its execution, the securinginstructions 725 remain active (to secure other applications which are still run by the OS). - Although the securing
instructions 510 of the application inFIG. 6 , the securinginstructions 625 of the OS services inFIG. 9 , and the securinginstructions 725 of the OS kernel inFIG. 10 have been described independently, these securing instructions may be running concurrently to implement the multi-level protection of the application to secure. - As illustrated previously, securing the application by applying the application cipher part and the OS cipher part consists in decrypting a binary code of the application. The application of the cipher is performed on a
decrypting computing device 10, which then executes the secured application after decryption of its binary code. - Securing the application by applying the application cipher part and/or the OS cipher part also consist in encrypting data generated by the execution of the application. The data is generated at the application level and/or at the OS level, and are encrypted by the corresponding cipher part. Executing the application and applying the cipher is performed on an
encrypting computing device 20, which then transfers the encrypted data to adecrypting computing device 10. - In a particular aspect, the cipher applied by the current method for securing an application by means of a multi-level cipher consists in the unique cipher generated by the aforementioned method for securing an application by means of a unique cipher. Hence, securing the application by applying the application cipher part and/or the OS cipher part comprises performing at least one iteration of: inputting a random number corresponding to a pre-defined operation, inputting at least one operand, and executing instructions for applying the pre-defined operation to the at least one operand.
- In another particular aspect, the current method for securing an application by means of a multi-level cipher is combined with the aforementioned method for securing an application by means of a multi-threaded cipher. Hence, securing the application by applying the application cipher part and/or the OS cipher part comprises: executing, by the processing unit, the application cipher part or the OS cipher part as a plurality of threads, with at least two threads being performed in synchronicity. Only the application cipher part is executed as a plurality of synchronized threads, only the OS cipher part is executed as a plurality of synchronized threads, or both the application cipher part and the OS cipher part is executed as a plurality of synchronized threads (in this case, threads for each cipher part is synchronized independently of the other cipher part, or are also synchronized with the other cipher part).
- Instructions of a security program implement the steps of the method for securing an application by means of a multi-level cipher. The instructions are comprised in a computer program product and provide for protecting the application by means of the multi-level cipher, when executed by a processing unit (e.g. 21 or 11) of a computing device (e.g. 20 or 10).
- Although the present disclosure has been described hereinabove by way of non-restrictive, illustrative embodiments thereof, these embodiments may be modified at will within the scope of the appended claims without departing from the spirit and nature of the present disclosure.
Claims (19)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/319,396 US20170134379A1 (en) | 2014-06-16 | 2015-06-08 | Method for securing an application and data |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201462012458P | 2014-06-16 | 2014-06-16 | |
US15/319,396 US20170134379A1 (en) | 2014-06-16 | 2015-06-08 | Method for securing an application and data |
PCT/CA2015/000366 WO2015192206A1 (en) | 2014-06-16 | 2015-06-08 | Methods for securing an application and data |
Publications (1)
Publication Number | Publication Date |
---|---|
US20170134379A1 true US20170134379A1 (en) | 2017-05-11 |
Family
ID=54934591
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/319,396 Abandoned US20170134379A1 (en) | 2014-06-16 | 2015-06-08 | Method for securing an application and data |
Country Status (2)
Country | Link |
---|---|
US (1) | US20170134379A1 (en) |
WO (1) | WO2015192206A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220292191A1 (en) * | 2019-08-29 | 2022-09-15 | Nec Corporation | Backdoor inspection apparatus, backdoor inspection method, and non-transitory computer readable medium |
CN113347001B (en) * | 2021-05-31 | 2023-04-28 | 广州众诺电子技术有限公司 | Data protection method, server, system, equipment and medium |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100431295C (en) * | 2002-11-26 | 2008-11-05 | 松下电器产业株式会社 | Method and device for data encipher/deciphering |
KR100891323B1 (en) * | 2005-05-11 | 2009-03-31 | 삼성전자주식회사 | Method and apparatus to increase complexity of power analysis based on random point representation in binary field Elliptic Curve CryptographyECC |
US20070067643A1 (en) * | 2005-09-21 | 2007-03-22 | Widevine Technologies, Inc. | System and method for software tamper detection |
WO2008064704A1 (en) * | 2006-11-30 | 2008-06-05 | Telecom Italia S.P.A | Method and device for preventing information leakage attacks on a device implementing a cryptographic function |
CN103516513B (en) * | 2013-10-22 | 2017-09-29 | 桂林电子科技大学 | A kind of grouping encryption method of anti-known-plaintext ciphertext to attack |
-
2015
- 2015-06-08 WO PCT/CA2015/000366 patent/WO2015192206A1/en active Application Filing
- 2015-06-08 US US15/319,396 patent/US20170134379A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
WO2015192206A1 (en) | 2015-12-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7870399B2 (en) | Software trusted platform module and application security wrapper | |
US11921905B2 (en) | Secure collaboration between processors and processing accelerators in enclaves | |
US7549147B2 (en) | Security framework for protecting rights in computer software | |
US9117094B2 (en) | Data location obfuscation | |
EP2656266B1 (en) | Improvements relating to cryptography using polymorphic code | |
US10503931B2 (en) | Method and apparatus for dynamic executable verification | |
JP6880017B2 (en) | Systems and processes for running private programs on untrusted computers | |
Bauman et al. | Sgxelide: enabling enclave code secrecy via self-modification | |
CN104298932A (en) | Method and device for calling SO file | |
JP7256862B2 (en) | Secure communication method and system between protected containers | |
Haupert et al. | Honey, i shrunk your app security: The state of android app hardening | |
Averbuch et al. | Truly-protect: An efficient VM-based software protection | |
US11409653B2 (en) | Method for AI model transferring with address randomization | |
CN113569248A (en) | Data processing method and computing device | |
CN109325322B (en) | Software intellectual property protection system and method for embedded platform | |
US20170098089A1 (en) | Method of protecting secret data when used in a cryptographic algorithm | |
US20170134379A1 (en) | Method for securing an application and data | |
US20190044709A1 (en) | Incorporating software date information into a key exchange protocol to reduce software tampering | |
Schrittwieser et al. | AES-SEC: Improving software obfuscation through hardware-assistance | |
EP2674892B1 (en) | A method, a device and a computer program support for execution of encrypted computer code | |
Gupta et al. | Security and Cryptography | |
Hossain et al. | Hexon: Protecting firmware using hardware-assisted execution-level obfuscation | |
EP2735992B1 (en) | Software identification | |
US20210026935A1 (en) | High performance compute ip encryption using unique set of application attributes | |
US20210390463A1 (en) | Method for ai model transferring with layer and memory randomization |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CORPORATION DE L'ECOLE POLYTECHNIQUE DE MONTREAL, Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NICOLESCU, GABRIELA;NICOLESCU, BOGDAN;REEL/FRAME:042648/0320 Effective date: 20170301 Owner name: 9289-0235 QUEBEC INC., CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:POLYVALOR, LIMITED PARTNERSHIP;REEL/FRAME:042739/0678 Effective date: 20170317 Owner name: POLYVALOR, LIMITED PARTNERSHIP, CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CORPORATION DE L'ECOLE POLYTECHNIQUE DE MONTREAL;REEL/FRAME:042739/0538 Effective date: 20170303 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |